Md5加密算法

通過在註冊和登錄時，使用md5加密算法，提高系統安全性。

package com.dyoon.util;

import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.logging.Level;
import java.util.logging.Logger;

public class Md5Util {

public static String md5(String inputString) {
if (inputString == null) {
return "";
} else {
String value = null;
MessageDigest md5 = null;
try {
md5 = MessageDigest.getInstance("MD5");
} catch (NoSuchAlgorithmException ex) {
Logger.getLogger(Md5Util.class.getName()).log(Level.SEVERE, null, ex);
}
sun.misc.BASE64Encoder baseEncoder = new sun.misc.BASE64Encoder();
try {
value = baseEncoder.encode(md5.digest(inputString.getBytes("utf-8")));
} catch (Exception ex) {
}
return value;
}
}
}

在註冊和登錄時，加密碼使用md5算法，如下：

@RequestMapping(value = "/register")
@Token(save=true)
public ModelAndView register(HttpServletRequest request, HttpServletResponse response) {


ModelAndView mv = new ModelAndView();
Member newMember = new Member();
boolean flag = checkMembername(request.getParameter("memberName"));
if (flag == true) {
mv.addObject("msg", "用戶名已存在");
mv.setViewName("register");
} else {
newMember.setMemberName(request.getParameter("memberName"));
newMember.setPassword(Md5Util.md5(request.getParameter("password")));
newMember.setSex(request.getParameter("sex"));
newMember.setEmail(request.getParameter("email"));
newMember.setCity(request.getParameter("city"));
newMember.setPhone(request.getParameter("phone"));
newMember.setAddress(request.getParameter("address"));
memberService.save(newMember);


mv.addObject("msg", "註冊成功");
mv.setViewName("account");
}
return mv;
}

@RequestMapping(value = "/login")
@Token(save=true)
public ModelAndView login(HttpSession session,HttpServletRequest request, PrintWriter out) {
ModelAndView mv = new ModelAndView();
Member member;
try {
member = memberService.findByMembername(request.getParameter("memberName"));
} catch (Exception e) {
member = null;
}
if (member == null||!(member.getPassword().equals(Md5Util.md5(request.getParameter("password"))))) {

mv.addObject("flag", "false");
mv.setViewName("account");
}  else {
//在session中保存用戶信息
session.setAttribute("memberName", request.getParameter("memberName"));
//設置跳轉頁面
mv.setViewName("index");
}
return mv;
}

註冊時，將密碼加密，密文存進數據庫；登錄時，輸入密碼，表單提交，將提交的密碼加密，與數據庫中的密文比較，若相等，則登錄成功，否則登錄失敗，重新定位到登錄界面。